hello list! first: sorry for my english and the long mail, but i REALLY need help!
i want to kick the nt4 pdc in our network and thought to realize single sign on with samba and ldap. i made two testserver: the first test was with suse linux 7.3 with latest openldap, pam_ldap, nss_ldap and samba 2.2.3a (i compiled all components myself!). the second was with suse linux 8.0 with openldap, pam_ldap, nss_ldap (this three components are the standard rpm's from suse 8.0) and samba 2.2.4 (latest rpm from the suse samba-developer). the basic systems worked and all problems i'm going to describe occurred in both testenvironments! 1. after login from w2k i get the message, that the password expires and asks me if i want to change. if i change or not, at next logon the situation is the same, but i can login over a few weeks without passwordchange. - the only information i found about in the web is, that i can set the users pwdLastSet to -1, but, on the one hand, i doesn't work and on the other hand, if anyone changes his password this field would be overwritten automatically and the old problem starts again. 2. the unix password sync doesn't work. but i think there are two different problems, but let me describe: if i activated the password sync, i got on the w2k client the error "username or password wrong ....". if it's not activated, the passwordchange works!! so i checked the log and thougt i'm silly as i saw the wollowing rows (!!!!!!): [2002/06/13 15:33:23, 10] smbd/chgpasswd.c:dochild(211) Invoking '/etc/ldappwdsmb test' as password change program. [2002/06/13 15:33:26, 100] smbd/chgpasswd.c:expect(265) expect: expected [New password: ] received [New password: ] match no [2002/06/13 15:33:28, 100] smbd/chgpasswd.c:expect(265) expect: expected [New password: ] received [] match no [2002/06/13 15:33:28, 10] smbd/chgpasswd.c:expect(276) expect: returning False [2002/06/13 15:33:28, 3] smbd/chgpasswd.c:talktochild(302) Response 1 incorrect after this i made a test where the chat isn't activated and the passwd- program is a shell-script that only writes a text into a file. at the next try there where no logging like the lines above, the passwd- programm ended normally (because the text was in the file), but the w2k- client told again that username or password is wrong! so i think, that this are two different problems, but i can't understand! 3. the domain group map doesn't work! i found a lot of descriptions about and all where same. so, i thougt i'm on the right way and made it like these discriptions, but at samba 2.2.3a there was shown only one group named with hieroglyphs. at 2.2.4 no group is shown from my map-file, but there are shown the groups domain admins and domain users - could anyone tell me where these groups are configured in samba? i need the groupmapping because we have one w2k-database and fileserver and i can't cick it. please help me thank you very much lg thomas reisenbichler -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba